-
-
Notifications
You must be signed in to change notification settings - Fork 243
Masks field
The Masks field is a tricky but powerful way to describe permissions.
It is actually able to do anything, but the who-can fields in the interface are much easier to use, so you should try to use the latter whenever possible and recur to masks only when necessary. The who-can fields are quite easy to understand, trickier cases are the ones that require the use of masks.
To use it effectively you should know the syntax used internally by the VFS. You can read it about it here.
This field maps one or multiple file-masks to a set of properties. In this example we set permission for a single file:
myfile.txt:
can_see: false
can_read: falseRules on top have priority over bottom rules. Inner rules have priority over parent's rules. A mask can carry any node property (even property "masks") plus a special property maskOnly (optional) to restrict the application of the mask to only files or folders, just by specifying exactly files or folders.
"folder1/folder2|folder3/folder4/*.mp3":
can_see: falseSelect the folder and enter these rules in the Masks field
"*.zip":
can_read: false"**/*.mp3":
can_read: false
"*.dat":
mime: application/somethingSelect the folder and enter these rules in the Masks field
"**.zip":
can_read: false** is like * but applies to subfolders too.
Select the folder and enter these rules in the Masks field
"*.zip":
can_read: true
"*":
can_read: false